Issue #6548 has been updated by Daniel Pittman. Description updated Status changed from Unreviewed to Needs Decision
I have linked this to what looks like a related ticket: someone found that the MD5 in state.yml didn't match the observed state on disk; I guess this is the root cause of that. I have not validated that either this, or the other, ticket are still true. Someone needs to make a decision about what the state file means, and why it exists, and then from that what the *correct* behaviour is. (IMO, if we store state, we should store the pre *and* post change state.) ---------------------------------------- Bug #6548: State.yaml should store state after updates https://projects.puppetlabs.com/issues/6548 Author: Paul Berry Status: Needs Decision Priority: Normal Assignee: Category: Target version: Affected Puppet version: Keywords: Branch: When a resource is being both audited and managed, the values stored in state.yaml for that resource are the so-called "current values", which means the values of the resource properties *before* changes were applied. This causes an unfortunate scenario: 1. Assume that a resource is managed, and its state is A, and the user's manifest calls for state A. 2. In a later puppet run, the user changes the manifest to call for state B. Puppet changes the state to B, but it still records state A in state.yaml 3. In the very next puppet run, Puppet examines the state of the machine (B) and compares it to the state in state.yaml (A), and incorrectly concludes that the file has been changed outside of Puppet, so it generates an audit event in the report. To fix this, we should make sure that when a resource is being both audited and managed, and a change occurs, we update state.yaml with the new state of the resource _after_ the change rather than before it. -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-bugs?hl=en.
